Configuration
CVE-2010-2306
Summary
The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack.
- MEDIUM
- ADJACENT_NETWORK
- NONE
- PARTIAL
- PARTIAL
- NONE
CWE-16 - Configuration
Weaknesses in this category are typically introduced during the configuration of the software.
References
Advisory Timeline
- Published